摘要:
Provided is a program conversion apparatus for generating a secret holding program, which disables a malicious analyzer from analyzing the an original program easily.The program conversion apparatus generates a first instruction group for acquiring values to assign to selection parameters; a second instruction group that includes an instruction group for acquiring, based on an arithmetic expression that uses the selection parameters, a selection identifier showing a selection-target data piece to be processed next; a third instruction group for updates a value of each selection parameter so as to reflect one of (a) a selection identifier showing one of the selection-target data pieces that has already been processed, and (b) at least one of one or more values that have already been assigned to the selection parameters; and selection-target data pieces that, by processing in a predetermined order, output an execution result identical to a result of the original program, each of the selection-target data pieces being in correspondence with a different selection identifier. The program conversion apparatus generates the secret holding program so as to include the first instruction group, the second instruction group, the third instruction group and the selection-target data pieces.
摘要:
An obfuscating apparatus creates a table for inputting the same number of arguments for multiplying and squaring operations, and sets the output values of the table so that the outputs may depend on the arguments. With regard to the squaring operations, there are added and tabulated adding operations using the arguments necessary only for the multiplications, so that the number of arguments is equal to that of the multiplication operations. The outputs depend on all the arguments, so that the presence or absence of the added arguments is unknown unlike the case in which dummy arguments that are not processed are added.
摘要:
A program obfuscating device for generating obfuscated program from which unauthorized analyzer cannot obtain confidential information easily. The program obfuscating device stores original program that contains authorized program instructions and confidential process instruction group containing confidential information that needs to be kept confidential, generates process instructions which, when executed in predetermined order, provide same result, with execution of last process instruction thereof, as the confidential process instruction group, inserts the process instructions into the original program at position between start of the original program and the confidential process instruction group so as to be executed in the predetermined order, in place of the confidential process instruction group, generates dummy block as dummy of the process instructions, and inserts the dummy block and control instruction, which causes the dummy block to be bypassed, into the original program, and inserts branch instruction into the dummy block.
摘要:
Provided is an obfuscating apparatus for making a program analysis more difficult. The obfuscating apparatus creates a table for inputting the same number of arguments, for multiplying and squaring operations, and sets the output values of the table so that the outputs may depend on those arguments. To the squaring operations, more specifically, there are added and tabulated the adding operations using the arguments necessary only for the multiplications, so that the number of arguments is equalized to that of the multiplications. In this case, moreover, the outputs depend on all the arguments, so that the presence/absence of the added argument is unknown unlike the case, in which dummy arguments not to be actually processed are added.
摘要:
A program obfuscating device for generating obfuscated program from which unauthorized analyzer cannot obtain confidential information easily. The program obfuscating device stores original program that contains authorized program instructions and confidential process instruction group containing confidential information that needs to be kept confidential, generates process instructions which, when executed in predetermined order, provide same result, with execution of last process instruction thereof, as the confidential process instruction group, inserts the process instructions into the original program at position between start of the original program and the confidential process instruction group so as to be executed in the predetermined order, in place of the confidential process instruction group, generates dummy block as dummy of the process instructions, and inserts the dummy block and control instruction, which causes the dummy block to be bypassed, into the original program, and inserts branch instruction into the dummy block.
摘要:
A signature generation apparatus is capable of making a value used in signature generation processing difficult to analyze. In the signature generation apparatus, a random number generation module generates a len-bit random number u, a selection module converts the generated random number u into a bit expression, and acquires element pairs corresponding to the bit values from a table memory unit. A random element generation module applies a basic operation of a first group G and a second group to all acquired element pairs, and calculates an element Pk on the first group G and an element Pak on the second group Ga. The signature generation apparatus generates a digital signature S for a message m with use of a transformation module, a main operation module, an inverse transformation module, a multiplication module, a division module, and a signature data generation module.
摘要:
A signature generation apparatus is capable of making a value used in signature generation processing difficult to analyze. In the signature generation apparatus, a random number generation module generates a len-bit random number u, a selection module converts the generated random number u into a bit expression, and acquires element pairs corresponding to the bit values from a table memory unit. A random element generation module applies a basic operation of a first group G and a second group to all acquired element pairs, and calculates an element Pk on the first group G and an element Pak on the second group Ga. The signature generation apparatus generates a digital signature S for a message m with use of a transformation module, a main operation module, an inverse transformation module, a multiplication module, a division module, and a signature data generation module.
摘要:
A computer system that makes it difficult to analyze the content of a calculation. A power operation unit (262) performs the following operations using the input data “a” and “b”: ga=ga mod n, gb=gb mod n. Next, a multiplication unit (264) performs the following calculation using ga and gb: gab=ga×gb mod n. Next, a discrete logarithm calculation unit (266) calculates ci mod pi−1 to satisfy gab=gci mod pi (i=1, 2, 3, . . . ,k). Next, a CRT unit (267) calculates “c” to satisfy ci=c mod pi−1 (i=1, 2, 3, . . . ,k) using the Chinese remainder theorem CRT.
摘要:
A data processing device for playing back a digital work reduces the processing load involved in verification by using only a predetermined number of encrypted units selected randomly from multiple encrypted units constituting encrypted contents recorded on a DVD. In addition, the data processing device improves the accuracy of detecting unauthorized contents by randomly selecting a predetermined number of encrypted units every time the verification is performed.
摘要:
A content distribution system for transferring contents between transmission device and reception device. The transmission device includes: key obtaining unit that obtains, from reception device, public keys and public key identifiers; watermark embedding unit that embeds a different public key identifier, as electronic watermark, into each of contents that are identical in substance; an encryption unit that encrypts contents using public keys to generate encrypted contents; and transmission unit that transmits encrypted contents to reception device. The reception device includes: key storage unit storing public keys, public key identifiers, and a private key that makes a pair with one of the public keys; key transmission unit that transmits public keys and public key identifiers to the transmission device; content receiving unit that receives encrypted contents from transmission device; and decryption unit that obtains a content from the received encrypted contents, using the private key.